HTTP: Adobe Multiple Products BMP Image Header Handling Buffer Overflow
This signature detects attempts to exploit a known vulnerability in multiple Adobe products. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the user.
Extended Description
Multiple Adobe products are prone to a buffer-overflow vulnerability because they fail to perform adequate boundary checks on user-supplied input. The vulnerability occurs when handling malformed image header data in image files. Successfully exploiting this issue allows attackers to execute arbitrary code with the privileges of a user running one of the applications. Failed exploit attempts will result in a denial-of-service condition. The following products are vulnerable: Adobe Photoshop Album Starter 3.2 Adobe After Effects CS3 Other applications and versions may also be affected.
Affected Products
Adobe after_effects_cs3
Short Name
HTTP:STC:ADOBE:BMP-HEADER
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Adobe BMP Buffer CVE-2008-1765 Handling Header Image Multiple Overflow Products bid:28874
Release Date
10/01/2010
Supported Platforms
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vsrx-19.2
srx-19.3
srx-branch-12.3
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx-12.3
vmx-19.3
srx-12.3
Sigpack Version
3668
False Positive
Unknown
Vendors
Adobe
CVSS Score
9.3